This description is a summary of our understanding of the job description. Click on 'Apply' button to find out more. Role Description As a Senior Security Engineer (d/f/m), your responsibilities will include: - Architecting our technical security operations while supporting the general growth and maturity of our information security program. - Driving the implementation of a SIEM, including log ingestion, tuning, and general log/evidence integration across a broad range of product and enterprise technologies. - Detecting, investigating, and resolving security events and incidents to continuously minimize impact and recovery time. - Leading the technical IR lifecycle (including our product) as the Incident Commander, conducting forensics and comprehensive post-incident analysis. - Creating and maintaining comprehensive incident response runbooks and automated response processes to continuously mature the IR program. - Assisting with the broader security posture through code reviews, implementing technical controls, and building checks into our CI/CD pipeline. Qualifications - 5+ years of experience as a product-facing SOC Analyst, Incident Responder, or Security Engineer (or equivalent) in a SaaS/E-commerce environment. - Proven ability to act as Incident Commander in the technical IR lifecycle—preferably for a SaaS/E-commerce product with high uptime and resilience requirements—leading forensics and driving SIEM implementation and tuning. - A proven track record of taking end-to-end ownership in a fast-paced environment, building processes from the ground up, and constantly adjusting to technological and organizational change. - Proficiency in any programming language for scripting, security tooling development, and automating GRC evidence collection. - A Bachelor's or Master’s degree in Computer Science, Information Technology, Cybersecurity, or a closely related technical field. Requirements - Proficiency in Terraform for securing infrastructure, combined with hands-on experience in integrating security testing. - Experience with preventing “rent-seeking” attacks like cybersquatting, sneaker bots, scalping, or grinch bots. - Experience in executing Red Team operations and/or penetration testing, with the ability to effectively collaborate with development teams to drive the remediation of software vulnerabilities. Benefits - We scale sustainably on a profitable, VC-backed foundation with true product-market fit. - Collaborate with over 160 dedicated professionals, including leaders from Google, Slack, and Salesforce. - We’re a diverse, merit-driven team spread across six global offices. - Consistently ranked among the fastest-growing scale-ups in Europe. - Work alongside some of tech’s brightest minds — from Forbes 30 Under 30 founders to Executive of the Year award winners.

• Serve as the primary escalation resource for Cloudflare issue resolution • Engineer, optimize, and maintain Cloudflare security solutions • Manage and refine enterprise Palo Alto firewall policies • Conduct ongoing security assessments of network and application controls • Support the enterprise certificate lifecycle program • Participate in on-call rotations and help train and mentor engineers

• Lead Mergers & Acquisitions (M&A) Security initiatives • Orchestrate the end-to-end security integration of acquired entities • Collaborate closely with cross-functional teams including Security and Privacy, Legal, N-Tech, Engineering and Business Units • Build security roadmaps for each M&A and deliver secure and seamless transitions • Ensure new and ongoing M&A projects achieve their desired integration targets on time • Partner with Security Engineering, Enterprise Technology, Product, and M&A teams to define integration blueprints • Build automation and playbooks to shorten integration timelines and improve consistency of post-acquisition security operations

• Cross-functional coordination and management • Centralize security requirements for the various business IT departments • Drive responses with engineering teams: analyses, trade-offs, and action tracking • Serve as the single point of entry for your scope • Handle requests from the service catalog and ad-hoc requests outside the catalog • Support small projects and cross-functional security initiatives • Structure and track an average of one request per quarter • Contribute to cybersecurity monitoring and best practices • Raise awareness among stakeholders about security issues • Provide support on build-oriented topics with technical teams • Ensure consistency and overall quality of technical deliverables